Operating System - Linux
1748185 Members
4299 Online
108759 Solutions
New Discussion юеВ

RHEL5: Having 9200 entries in /etc/services, does it post a security threat?

 
SOLVED
Go to solution
Daniel Simard
Frequent Advisor

RHEL5: Having 9200 entries in /etc/services, does it post a security threat?

I would like to hear your interpretation of the purpose of the /etc/services file.

Is it a reference point for programs to use protocols and ports only?

Or it is used as a security file, which means if an entry is not in there, the program will not work thus you are "safe".

Would you recommend having the least amount of services in that file to increase security or is it irrelevant?

Please help me understand.

on a side note: any pdf's or links you could give me on how to increase security on red hat system?
Si tu n'as pas ce que tu aimes, aimes ce que tu as.
2 REPLIES 2
Ivan Ferreira
Honored Contributor
Solution

Re: RHEL5: Having 9200 entries in /etc/services, does it post a security threat?

>>> Is it a reference point for programs to use protocols and ports only?

The /etc/services is basically used, as a translation from ports to names. It's similar to the function provided by /etc/hosts, but for services. It's used for commands like netstat to display the port numbers as names.

>>> Or it is used as a security file,

No.

>>> Would you recommend having the least amount of services in that file to increase security or is it irrelevant?

Is not relevant the number of lines.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Steven E. Protter
Exalted Contributor

Re: RHEL5: Having 9200 entries in /etc/services, does it post a security threat?

Shalom,

/etc/services is more like a reservations file.

Services declare their intention to use a port and protocol.

Some services won't work without it.

But real security is established by shutting down unneeded services and keeping them from listening.

/etc/services is good to use but some services like Oracle choose not to do so.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com